detect-engine-register.c File Reference

#include "suricata-common.h"
#include "suricata.h"
#include "detect.h"
#include "flow.h"
#include "flow-private.h"
#include "flow-bit.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-profile.h"
#include "detect-engine-alert.h"
#include "detect-engine-siggroup.h"
#include "detect-engine-address.h"
#include "detect-engine-proto.h"
#include "detect-engine-port.h"
#include "detect-engine-mpm.h"
#include "detect-engine-iponly.h"
#include "detect-engine-threshold.h"
#include "detect-engine-prefilter.h"
#include "rust.h"
#include "detect-engine-payload.h"
#include "detect-engine-dcepayload.h"
#include "detect-dns-name.h"
#include "detect-dns-response.h"
#include "detect-tls-sni.h"
#include "detect-tls-certs.h"
#include "detect-tls-cert-fingerprint.h"
#include "detect-tls-cert-issuer.h"
#include "detect-tls-cert-subject.h"
#include "detect-tls-cert-serial.h"
#include "detect-tls-alpn.h"
#include "detect-tls-subjectaltname.h"
#include "detect-tls-random.h"
#include "detect-tls-ja3-hash.h"
#include "detect-tls-ja3-string.h"
#include "detect-tls-ja3s-hash.h"
#include "detect-tls-ja3s-string.h"
#include "detect-engine-state.h"
#include "detect-engine-analyzer.h"
#include "detect-http-cookie.h"
#include "detect-http-method.h"
#include "detect-http-ua.h"
#include "detect-http-host.h"
#include "detect-mark.h"
#include "detect-nfs-version.h"
#include "detect-engine-event.h"
#include "decode.h"
#include "detect-config.h"
#include "detect-smtp.h"
#include "detect-base64-decode.h"
#include "detect-base64-data.h"
#include "detect-ipaddr.h"
#include "detect-ipopts.h"
#include "detect-tcp-flags.h"
#include "detect-fragbits.h"
#include "detect-fragoffset.h"
#include "detect-gid.h"
#include "detect-tcp-ack.h"
#include "detect-tcp-seq.h"
#include "detect-content.h"
#include "detect-uricontent.h"
#include "detect-pcre.h"
#include "detect-depth.h"
#include "detect-nocase.h"
#include "detect-rawbytes.h"
#include "detect-bytetest.h"
#include "detect-bytemath.h"
#include "detect-bytejump.h"
#include "detect-sameip.h"
#include "detect-l3proto.h"
#include "detect-ipproto.h"
#include "detect-within.h"
#include "detect-distance.h"
#include "detect-offset.h"
#include "detect-sid.h"
#include "detect-prefilter.h"
#include "detect-priority.h"
#include "detect-classtype.h"
#include "detect-reference.h"
#include "detect-tag.h"
#include "detect-threshold.h"
#include "detect-metadata.h"
#include "detect-msg.h"
#include "detect-rev.h"
#include "detect-flow.h"
#include "detect-flow-age.h"
#include "detect-flow-pkts.h"
#include "detect-flow-elephant.h"
#include "detect-requires.h"
#include "detect-tcp-window.h"
#include "detect-tcp-wscale.h"
#include "detect-ftpbounce.h"
#include "detect-ftp-dynamic-port.h"
#include "detect-isdataat.h"
#include "detect-id.h"
#include "detect-rpc.h"
#include "detect-asn1.h"
#include "detect-filename.h"
#include "detect-filestore.h"
#include "detect-filemagic.h"
#include "detect-filemd5.h"
#include "detect-filesha1.h"
#include "detect-filesha256.h"
#include "detect-filesize.h"
#include "detect-dataset.h"
#include "detect-datarep.h"
#include "detect-dsize.h"
#include "detect-flowvar.h"
#include "detect-flowint.h"
#include "detect-pktvar.h"
#include "detect-noalert.h"
#include "detect-flowbits.h"
#include "detect-hostbits.h"
#include "detect-xbits.h"
#include "detect-csum.h"
#include "detect-stream_size.h"
#include "detect-engine-sigorder.h"
#include "detect-ttl.h"
#include "detect-fast-pattern.h"
#include "detect-itype.h"
#include "detect-icode.h"
#include "detect-icmp-id.h"
#include "detect-icmp-seq.h"
#include "detect-icmpv4hdr.h"
#include "detect-igmphdr.h"
#include "detect-igmp-type.h"
#include "detect-dce-iface.h"
#include "detect-dce-opnum.h"
#include "detect-dce-stub-data.h"
#include "detect-urilen.h"
#include "detect-bsize.h"
#include "detect-detection-filter.h"
#include "detect-http-client-body.h"
#include "detect-http-server-body.h"
#include "detect-http-header.h"
#include "detect-http-header-names.h"
#include "detect-http-headers.h"
#include "detect-http-raw-header.h"
#include "detect-http-uri.h"
#include "detect-http-protocol.h"
#include "detect-http-start.h"
#include "detect-http-stat-msg.h"
#include "detect-http-request-line.h"
#include "detect-http-response-line.h"
#include "detect-http2.h"
#include "detect-byte-extract.h"
#include "detect-file-data.h"
#include "detect-pkt-data.h"
#include "detect-replace.h"
#include "detect-tos.h"
#include "detect-app-layer-event.h"
#include "detect-app-layer-state.h"
#include "detect-lua.h"
#include "detect-iprep.h"
#include "detect-geoip.h"
#include "detect-app-layer-protocol.h"
#include "detect-template.h"
#include "detect-template2.h"
#include "detect-tcphdr.h"
#include "detect-tcpmss.h"
#include "detect-udphdr.h"
#include "detect-icmpv6hdr.h"
#include "detect-icmpv6-mtu.h"
#include "detect-ipv4hdr.h"
#include "detect-ipv6hdr.h"
#include "detect-krb5-cname.h"
#include "detect-krb5-errcode.h"
#include "detect-krb5-sname.h"
#include "detect-krb5-ticket-encryption.h"
#include "detect-sip-method.h"
#include "detect-sip-uri.h"
#include "detect-target.h"
#include "detect-ja4-hash.h"
#include "detect-ftp-command.h"
#include "detect-entropy.h"
#include "detect-ftp-command-data.h"
#include "detect-ftp-completion-code.h"
#include "detect-ftp-reply.h"
#include "detect-ftp-mode.h"
#include "detect-ftp-reply-received.h"
#include "detect-bypass.h"
#include "detect-ftpdata.h"
#include "detect-engine-content-inspection.h"
#include "detect-transform-pcrexform.h"
#include "detect-transform-luaxform.h"
#include "util-rule-vars.h"
#include "app-layer.h"
#include "app-layer-protos.h"
#include "app-layer-htp.h"
#include "app-layer-smtp.h"
#include "detect-frame.h"
#include "detect-tls.h"
#include "detect-tls-cert-validity.h"
#include "detect-tls-version.h"
#include "detect-http-stat-code.h"
#include "detect-ssl-version.h"
#include "detect-ssl-state.h"
#include "detect-modbus.h"
#include "detect-dnp3.h"
#include "detect-vlan.h"
#include "detect-email.h"
#include "action-globals.h"
#include "tm-threads.h"
#include "pkt-var.h"
#include "conf.h"
#include "conf-yaml-loader.h"
#include "stream-tcp.h"
#include "stream-tcp-inline.h"
#include "util-lua.h"
#include "util-var-name.h"
#include "util-classification-config.h"
#include "util-threshold-config.h"
#include "util-print.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "util-debug.h"
#include "util-hashlist.h"
#include "util-privs.h"
#include "util-profiling.h"
#include "util-validate.h"
#include "util-optimize.h"
#include "util-path.h"
#include "util-mpm-ac.h"
#include "runmodes.h"

Go to the source code of this file.

Macros
#define	ARRAY_CAP_STEP   16

Functions
bool	SCSigTableHasKeyword (const char *keyword)
	Check if a keyword exists. More...
int	SigTableList (const char *keyword)
void	SCDetectHelperKeywordSetCleanCString (uint16_t id)
void	SigTableCleanup (void)
int	SCSigTablePreRegister (void(*KeywordsRegister)(void))
void	SigTableInit (void)
void	SigTableSetup (void)
void	SigTableRegisterTests (void)

Variables
int	DETECT_TBLSIZE = 0
int	DETECT_TBLSIZE_IDX = DETECT_TBLSIZE_STATIC

Detailed Description

Author

Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t

Definition in file detect-engine-register.c.

Macro Definition Documentation

ARRAY_CAP_STEP

#define ARRAY_CAP_STEP   16

Definition at line 492 of file detect-engine-register.c.

Function Documentation

SCDetectHelperKeywordSetCleanCString()

void SCDetectHelperKeywordSetCleanCString

(

uint16_t

id

)

Definition at line 471 of file detect-engine-register.c.

References SigTableElmt_::Cleanup, and sigmatch_table.

SCSigTableHasKeyword()

bool SCSigTableHasKeyword

(

const char *

keyword

)

Check if a keyword exists.

Definition at line 372 of file detect-engine-register.c.

References DETECT_TBLSIZE, name, SigTableElmt_::name, and sigmatch_table.

SCSigTablePreRegister()

int SCSigTablePreRegister

(

void(*)(void)

KeywordsRegister

)

Definition at line 500 of file detect-engine-register.c.

SigTableCleanup()

void SigTableCleanup

(

void

)

Definition at line 476 of file detect-engine-register.c.

References SigTableElmt_::Cleanup, DETECT_TBLSIZE, SCFree, and sigmatch_table.

Referenced by GlobalsDestroy().

Here is the caller graph for this function:

SigTableInit()

void SigTableInit

(

void

)

Definition at line 516 of file detect-engine-register.c.

References DETECT_TBLSIZE, DETECT_TBLSIZE_STATIC, DETECT_TBLSIZE_STEP, FatalError, SCCalloc, and sigmatch_table.

Referenced by ListKeywords(), LLVMFuzzerTestOneInput(), PostConfLoadedSetup(), and RunUnittests().

Here is the caller graph for this function:

SigTableList()

int SigTableList

(

const char *

keyword

)

Definition at line 389 of file detect-engine-register.c.

References DETECT_TBLSIZE, name, SigTableElmt_::name, and sigmatch_table.

Referenced by ListKeywords().

Here is the caller graph for this function:

SigTableRegisterTests()

void SigTableRegisterTests

(

void

)

Definition at line 775 of file detect-engine-register.c.

References coverage_unittests, DETECT_TBLSIZE, g_ut_covered, g_ut_modules, name, SigTableElmt_::RegisterTests, SCLogDebug, SCLogWarning, and sigmatch_table.

SigTableSetup()

void SigTableSetup

(

void

)

Definition at line 528 of file detect-engine-register.c.

References DetectAckRegister(), DetectAppLayerEventRegister(), DetectAppLayerProtocolRegister(), DetectAppLayerStateRegister(), DetectAsn1Register(), DetectBase64DataRegister(), DetectBase64DecodeRegister(), DetectBsizeRegister(), DetectBypassRegister(), DetectByteExtractRegister(), DetectBytejumpRegister(), DetectBytemathRegister(), DetectBytetestRegister(), DetectClasstypeRegister(), DetectConfigRegister(), DetectContentRegister(), DetectCsumRegister(), DetectDatarepRegister(), DetectDatasetRegister(), DetectDceIfaceRegister(), DetectDceOpnumRegister(), DetectDceStubDataRegister(), DetectDepthRegister(), DetectDetectionFilterRegister(), DetectDistanceRegister(), DetectDNP3Register(), DetectDnsNameRegister(), DetectDnsResponseRegister(), DetectDsizeRegister(), DetectEngineEventRegister(), DetectEntropyRegister(), DetectFastPatternRegister(), DetectFiledataRegister(), DetectFilemagicRegister(), DetectFileMd5Register(), DetectFilenameRegister(), DetectFileSha1Register(), DetectFileSha256Register(), DetectFilesizeRegister(), DetectFilestoreRegister(), DetectFlagsRegister(), DetectFlowAgeRegister(), DetectFlowbitsRegister(), DetectFlowBytesRegister(), DetectFlowBytesToClientRegister(), DetectFlowBytesToServerRegister(), DetectFlowElephantRegister(), DetectFlowintRegister(), DetectFlowPktsRegister(), DetectFlowPktsToClientRegister(), DetectFlowPktsToServerRegister(), DetectFlowRegister(), DetectFlowvarRegister(), DetectFragBitsRegister(), DetectFragOffsetRegister(), DetectFrameRegister(), DetectFtpbounceRegister(), DetectFtpCommandDataRegister(), DetectFtpCommandRegister(), DetectFtpCompletionCodeRegister(), DetectFtpdataRegister(), DetectFtpDynamicPortRegister(), DetectFtpModeRegister(), DetectFtpReplyReceivedRegister(), DetectFtpReplyRegister(), DetectGeoipRegister(), DetectGidRegister(), DetectHostbitsRegister(), DetectHttp2Register(), DetectHttpClientBodyRegister(), DetectHttpCookieRegister(), DetectHttpHeaderNamesRegister(), DetectHttpHeaderRegister(), DetectHttpHeadersRegister(), DetectHttpHHRegister(), DetectHttpMethodRegister(), DetectHttpProtocolRegister(), DetectHttpRawHeaderRegister(), DetectHttpRequestHeaderRegister(), DetectHttpRequestLineRegister(), DetectHttpResponseHeaderRegister(), DetectHttpResponseLineRegister(), DetectHttpServerBodyRegister(), DetectHttpStartRegister(), DetectHttpStatCodeRegister(), DetectHttpStatMsgRegister(), DetectHttpUARegister(), DetectHttpUriRegister(), DetectIcmpIdRegister(), DetectIcmpSeqRegister(), DetectIcmpv4HdrRegister(), DetectICMPv6hdrRegister(), DetectICMPv6mtuRegister(), DetectICodeRegister(), DetectIdRegister(), DetectIGMPHdrRegister(), DetectIGMPTypeRegister(), DetectIPAddrBufferRegister(), DetectIpOptsRegister(), DetectIPProtoRegister(), DetectIPRepRegister(), DetectIpv4hdrRegister(), DetectIpv6hdrRegister(), DetectIsdataatRegister(), DetectITypeRegister(), DetectJa4HashRegister(), DetectKrb5CNameRegister(), DetectKrb5ErrCodeRegister(), DetectKrb5SNameRegister(), DetectKrb5TicketEncryptionRegister(), DetectL3ProtoRegister(), DetectLuaRegister(), DetectMarkRegister(), DetectMetadataRegister(), DetectModbusRegister(), DetectMsgRegister(), DetectNfsVersionRegister(), DetectNoalertRegister(), DetectNocaseRegister(), DetectOffsetRegister(), DetectPcreRegister(), DetectPktDataRegister(), DetectPktvarRegister(), DetectPrefilterRegister(), DetectPriorityRegister(), DetectRawbytesRegister(), DetectReferenceRegister(), DetectRegisterAppLayerHookLists(), DetectReplaceRegister(), DetectRequiresRegister(), DetectRevRegister(), DetectRpcRegister(), DetectSameipRegister(), DetectSeqRegister(), DetectSidRegister(), DetectSipMethodRegister(), DetectSipUriRegister(), DetectSslStateRegister(), DetectSslVersionRegister(), DetectStreamSizeRegister(), DetectTagRegister(), DetectTargetRegister(), DetectTcphdrRegister(), DetectTcpmssRegister(), DetectTcpWscaleRegister(), DetectTemplate2Register(), DetectTemplateRegister(), DetectThresholdRegister(), DetectTlsAlpnRegister(), DetectTlsCertChainLenRegister(), DetectTlsCertsRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3SHashRegister(), DetectTlsJa3SStringRegister(), DetectTlsJa3StringRegister(), DetectTlsRandomRegister(), DetectTlsRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectAltNameRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), DetectTlsVersionRegister(), DetectTosRegister(), DetectTransformLuaxformRegister(), DetectTransformPcrexformRegister(), DetectTtlRegister(), DetectUdphdrRegister(), DetectUricontentRegister(), DetectUrilenRegister(), DetectWindowRegister(), DetectWithinRegister(), and DetectXbitsRegister().

Referenced by ListKeywords(), LLVMFuzzerTestOneInput(), and RunUnittests().

Here is the caller graph for this function:

Variable Documentation

DETECT_TBLSIZE

int DETECT_TBLSIZE = 0

Definition at line 267 of file detect-engine-register.c.

Referenced by PrefilterSetupRuleGroup(), SCDetectHelperNewKeywordId(), SCProfilingKeywordThreadSetup(), SCProfilingKeywordUpdateCounter(), SCSigTableHasKeyword(), SigMatchStrictEnabled(), SigTableApplyStrictCommandLineOption(), SigTableCleanup(), SigTableInit(), SigTableList(), and SigTableRegisterTests().

DETECT_TBLSIZE_IDX

int DETECT_TBLSIZE_IDX = DETECT_TBLSIZE_STATIC

Definition at line 268 of file detect-engine-register.c.

Referenced by SCDetectHelperNewKeywordId().